CVE-2016-7144

2017-01-18T17:59:00
ID CVE-2016-7144
Type cve
Reporter cve@mitre.org
Modified 2017-01-20T15:12:00

Description

The m_authenticate function in modules/m_sasl.c in UnrealIRCd before 3.2.10.7 and 4.x before 4.0.6 allows remote attackers to spoof certificate fingerprints and consequently log in as another user via a crafted AUTHENTICATE parameter.